Predicting Vulnerabilities in Computer Source Code Using Non-Investigated Software Metrics

Predicting Vulnerabilities in Computer Source Code Using Non-Investigated Software Metrics

연구 분야: Verification

학회: Software Quality Journal

Flaws in the design of the computer systems, bugs, and vulnerabilities cause failures in computer systems. Various techniques such as machine learning and deep learning algorithms are used to predict and detect vulnerabilities. Such techniques use text mining and software metrics as features set in the building and training of the predictive model. This paper investigates the impact of the non-investigated software metrics and the known software metrics in predicting the availability of bugs in software source code. The deep learning algorithm used in the design of the predictive model includes the Inception model, which is a variant of convolutional neural network, attention-based multilayer perceptron, and long short-term memory. The experimental results show that known and non-investigated or new software metrics are not ideal for vulnerability prediction in source code.